Aqua container safety

Huawei Cloud Market Aqua container security protects enterprise containers from hacker attacks through image scanning and runtime control. Software containers represent unique security challenges due to the scale, agility, and openness of container environments. The Aqua platform itself is designed for containers, giving enterprises complete visibility and control of container activity throughout the CI/CD lifecycle without compromising existing DevOps efficiencies.

Service provider information:Anling Technology (Shenzhen) Co., Ltd. Shanghai Branch
Invoicing subject:Anling Technology (Shenzhen) Co., Ltd. Shanghai Branch
Payment method:Mirror
Click to view Huawei Cloud price information
Product pictures
Product details
Product Highlights
  • Huawei Cloud Market Aqua container security protects enterprise containers from hacker attacks through image scanning and runtime control.
Product parameters
Delivery method
Mirror
Service supervision
If you purchase goods that involve service supervision, you should enter the buyer center after purchase to submit your requirements and promptly accept them.
Not involved
Invoicing subject
Anling Technology (Shenzhen) Co., Ltd. Shanghai Branch
operating system
Linux
Version
2.6
Release date
2018-02-07
Category
Host security
Product description

Software containers represent unique security challenges due to the scale, agility, and openness of container environments. The Aqua platform itself is designed for containers, giving enterprises complete visibility and control of container activity throughout the CI/CD lifecycle without compromising existing DevOps efficiencies.

Aqua container security solutions include:

1) Image Assurance-Image Assurance

2) Runtime control - Runtime Protection

3) User Access Control - User Access Control

4) Inter-container firewall - Network Nano-Segmentation

5) Password Management - Secret Management

6) Audit and Compliance - Audit and Compliance



Features

1.1.1 Image security

Aqua scans the vulnerabilities of the operating system and development language files in the image, as well as sensitive information, custom security or compliance check content in the image, helping enterprises solve the problem of traditional security software being unable to sense the container environment. Aqua can be integrated with CI/CD tools, so that problems found during scanning can be fed back to relevant personnel for processing in a timely manner.

Aqua uses image security controls to prevent high-risk and unknown images from running, while also ensuring that only Goldens that meet enterprise security specifications are used. ImageOS The image is running.

1.1.2 runtime control

Usually the behavior of the container is fixed, Aqua's Runtime Profiling can automatically learn the behavior of container running, help enterprises formulate and standardize container running permissions, ensure that containers run with minimum permissions, and effectively prevent the occurrence of security risk events such as privilege escalation attacks and illegal operations.

1.1.3 User access control

1.1

It is difficult for the existing container environment to solve the problem that different users can access all containers, images and other resources in the container environment. Aqua's user access control can help enterprises limit different users to have different permissions on different resources.

1.1.4 Inter-container firewall

Due to the complexity and closed nature of the container environment network, it is difficult for enterprises to control the network communication between containers. Aqua's inter-container firewall can effectively help users control and isolate inter-container networks through the kernel level.

1.1.5 Password management

Aqua allows users to load sensitive information such as passwords into the container as environment variables, so that external users cannot view the clear text of the password in the container, and the module supports dynamic password modification.

1.1.6 Audit and Compliance

Aqua records security and audit logs of the container environment and can send them to The SIEM system facilitates users to analyze and view security events in the container environment within the enterprise. In addition, Aqua Agent will also check the Docker host configuration and provide CIS audit reports and repair suggestions.



Application Guide

start up:
docker run -d -p 8080:8080 -p 3622:3622 -v /var/run/docker.sock:/var/run/docker.sock aquasec/csp:2.6

access:
http://IP:8080

Go to Host->Add New Host and install Enforcer for each Docker Host.


For details, please contact ChinaSupport@edvancesecurity.com

400-099-2608

Sales target

All users

Product pricing

North China-Beijing 1

  • North China-Beijing 1
Service support
User Guide
User manual.docx download
Platform support scope

        

         
        
        
Goods and Services Agreement

        

            

                By ordering this product you agree toGoods and Services Agreement